Biometrics emerge as pass code alternative

New tech addresses lapses in security

July 15, 2014 10:17 PM

Marcio Jose Sanchez/Associated Press

Phil Schiller, Apple's senior vice president of worldwide product marketing, speaks on stage in 2013 during the introduction of the new iPhone 5s, which included a fingerprint scanner known as Touch ID.

Share with others:

Related Media:

A unanimous decision delivered last month showed that even the grizzled justices of the Supreme Court respect the need for cell phone security, with the nation’‍s highest court ruling that law enforcement cannot access a suspect’‍s cell phone absent a search warrant.

Yet all of those personal data are often easily accessible to thieves through hacking. A Consumer Reports survey in May found 3.1 million smartphones were reported as stolen in the U.S. last year, and only 47 percent of the owners had limited access through a pass code — a feature that users cited as “annoying.”

No wonder that biometric verifications such as fingerprints, irises and even the owner’‍s ear lobe are becoming more popular than four-digit PINs.

“Passwords are getting easier to crack,” explains Marios Savvides, professor and director of the CyLab Biometrics Center at Carnegie Mellon University. “And when you try to create stronger passwords, you end up writing them down — which defeats the purpose.”

The market of biometrics is addressing these lapses in security.

Biometric technologies identify an individual based on unique physical and behavioral traits. These include facial makeup, voice, gait and pulse — thereby reducing the risk of identity fraud and eliminating the need for password memorization.

“Because manufacturers know users are unlikely to select complex pass codes on their mobile devices, they have driven biometrics to compel users to utilize authentication,” said Chris Crowley of SANS Institute, an information security training company in San Francisco.

That includes Android, which first incorporated biometrics into its ICS 4.0 in 2011, providing facial recognition software to 86 percent of deployed Android devices. In September 2013, Apple introduced a fingerprint scanner known as Touch ID into the iPhone 5s, and this past April, Samsung released a fingerprint reader of its own on its Galaxy 5S — selling 11 million units within the month.

In addition, digital companies such as Hoyos Labs in New York are producing applications that offer multimodal biometrics, requiring facial, iris and voice authentication before granting access to a device.

“The best way to ensure protection against spoofing is not to rely on a single biometric modality,” said Mr. Savvides.

Smartphone developers are not the only players profiting from biometric technologies.

“Facial recognition has been really useful in helping law enforcement catch the bad guy,” explained Mr. Savvides, highlighting the ability of biometrics to help police match a grainy piece of photographic evidence with a member of a criminal database.

In turn, biometrics companies such as BioEnable Technologies in New Delhi and Iris Guard EyeBank in Amman, Jordan, are catering to the international banking industry, providing ATMs to banks in Russia, China, Egypt and Singapore.

These ATMs — accessible only upon voice or iris verification — are particularly useful in avoiding credit card fraud and providing an alternative to residents of rural areas who are not accustomed to carrying credit cards.

Additional biometrics currently available on the market eliminate the need for home locks or car keys, seen in the new fingerprint-driven ignitions of the new Mercedes-Benz S-Class.

“We’re starting to see a fandom of biometrics, and it makes sense,” said Mr. Savvides. “The possibilities are endless.”

Join the conversation:

To report inappropriate comments, abuse and/or repeat offenders, please send an email to
socialmedia@post-gazette.com and include a link to the article and a copy of the comment. Your report will be reviewed in a timely manner.
Thank you.